The Hacker News

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware

North Korea-linked ScarCruft uses fake Microsoft Account alerts and ZIP files to deliver NarwhalRAT, a Python RAT built for ...
NewsBytes

Perplexity launches 'Search as code' to write Python search code

Perplexity CEO Aravind Srinivas introduced a groundbreaking “search as codegen” system, enabling AI agents to execute complex tasks through Python-based workflows.

Should You Hijack a Corporate AI Chatbot for Free Tokens?

A developer went viral for reconfiguring Chipotle’s customer support bot into a coding assistant, and providing the playbook ...

Vibe coding can build your pipeline. It can't explain it six months later

The rise of vibe coding can further amplify these problems as more operational context, architectural decisions, and business knowledge become scattered across prompts, conversations, generated code, ...

Kimi K2.7-Code cuts thinking tokens 30% — but practitioners say the benchmarks don't check out

Kimi K2.7-Code claims 30% fewer thinking tokens and a drop-in API swap path, but independent benchmarks show kernel ...
The Hacker News

LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers

Three LiteLLM flaws let low-privilege users gain admin access and run code, exposing AI keys, secrets, prompts, and responses ...
Security Boulevard

When AI Agents Become Bots: A Field Report from the Authentication Layer

Security vendors and their customers have spent considerable time debating where to draw the line between “legitimate” AI agents and “malicious” bots. A 31-day campaign against a major consumer ...

Malicious Hugging Face Models Could Trigger Remote Code Execution

A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI ...
Tech Times

Anthropic Ends Subscription Subsidy for Agents June 15: Credit Pool Replaces Flat-Rate Access

Claude subscription billing changes June 15 as Anthropic moves Agent SDK and claude -p to a separate per-user credit of $20 ...
Circuit Digest

How to do Object Detection with Raspberry Pi Using CircuitDigest Cloud

Step 1: First, you need to make an account on the CircuitDigest Cloud. If you already have one, just go to the CircuitDigest ...
Tech Times

Stack Overflow for Agents Enters Beta: Human Reputation Anchors Machine-Speed Corpus

Stack Overflow for Agents, now in public beta, lets AI coding agents query and write back to a verified knowledge corpus — ...
Bleeping Computer

Max-severity flaw in ChromaDB for AI apps allows server hijacking

A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to run arbitrary code on exposed servers. The flaw is tracked as ...